Identity and Access Management (IAM)

Identity and Access Management (IAM) is the set of business processes and supporting infrastructure for the creation, maintenance, and use of digital identities. These processes ensure the right people are able to securely access the right services.

IAM has been identified as one of the top 10 priority projects for Higher Education by several research organizations such as Gartner and EDUCAUSE. As higher education increasingly depends on virtual services for conducting its core missions, e-identity is emerging as a critical strategic asset. Drivers behind its continued attention include: user-convenience (single sign-on), security, compliance, privacy, and efficiencies from shared services for economies of scale.

IAM Benefits for Students, Faculty and Staff

Reduce the number of user IDs and passwords required to access University systems and services

Establish one University credential (i.e. ID and password)

Reduce the number of times that faculty/staff are challenged to authenticate during a session

Track affiliations more efficiently

Provide capabilities for faculty and researchers to collaborate across Universities by allowing them to securely access external resources with their University IDs

Expedite and improve overall access processes for guests and affiliates including research collaborators, contractors, visiting students, conference attendees, and others

Provide a central authentication system to support applications across a variety of platforms and scope including mobile, departmental and centrally-supported applications

Provide self-service functionality where appropriate allowing University and external colleagues to request and revoke access

SiteMinder: SiteMinder is the new Web Access Management system used by the University of Illinois, which will eventually replace both Enterprise Authentication System (EAS) and Bluestem authentication.

Project Timeline Summary

March – September 2013: Implement Advanced SiteMinder Features

2013 – 2014: Review Federation Solution

2014 – 2015: Password Management Implementation

2015 – 2016: Implement Provisioning/De-provisioning

2015 – 2016: Access, Auditing and Compliance Control

2015 – 2016: Business Intelligence

Project Success Measures

The IAM Steering Committee has approved the following success measures for the IAM project:

Establishing one University credential (i.e. ID and password)

Requiring single sign-on for all campus and UA technologies

Reducing the number of times a user is prompted to authenticate during a session

Providing the self-service functionality (where appropriate and authorized) to allow University and external colleagues to request and revoke access to University and external resources

Protecting the privacy of University community members

Allowing individuals some dimension of control over their personal information

Providing complete transparency over University use of one's personal information

Understanding and managing risk to the University data environment

Raising our confidence in establishing and managing a person’s identity and the rigor of one’s credentials

Reducing the number of entry points for University systems

Establishing stronger and longer relationships with University community members

Retaining one’s identity for life

Providing a central authentication system to support applications across a variety of platforms and scope, including mobile, departmental and centrally-supported applications

Asking ourselves: "How much work will it be for departmental staff to use the new central system?"